Re: Somebody is keep trying to ssh into my systems, how can I stop that?



Ertugrul Soeylemez wrote:

left_coast <void@xxxxxxxx> (06-08-15 18:23:22):

As of yet, I have yet to see a valid point about portknocking or
openssh. Unless you have an actual valid point (I suggest you
research it so you actually know what you are talking about) then make
it.

I've never made any offending statement about your method, as you should
know by now. Well, somehow you _feel_ offended by me.

I AM offended by LIARS, as you are. I am also offended by people that go on
and on about things they know NOTHING about, as you have done.


I repeat: Your
method isn't necessarily bad. It provides an additional (possibly
major) security advantage in one place by giving up some (minor)
security in other places.

THEN IT IS A GOOD TRADE OFF. If I get MAJOR improvement by giving up a minor
amount of security someplace else, then I have IMPROVED SECURITY.

The former may be superior, but it's still a
fact to consider.


Considering the "facts" you presented about OpenSSH code being the same for
OpenBSD and Linux, you will forgive me if I do not believe additional
"facts" from you.

You deny that every portknocking method may be flawed as well as the
SSHd, and that some flaws _might_ allow an attacker to bypass the SSHd
totally.

PROOF???????? Provide an example of an actual instance that would have
allowed SSHd to be bypassed. Never mind that I was NEVER talking about
total security of ssh.

If the Netfilter has such a security flaw,

Show where it EVER has had one. There is NO security method that is perfect,
so one makes the best choices one can. As of yet, nobody has shown a
netfilter vulnerability that would allow access you are SPECULATING about. I
have shown where OpenSSH has had 2 or more such vulnerabilities PER YEAR FOR
6 YEARS. The choice is OBVIOUS to me. But to someone that thinks the
OpenBSD Openssh code is the same as the Linux version might think
otherwise.

which is only
exploitable by the presence of certain rules,

An actual example of one?

then you would have been
better off without portknocking.

If one has ever existed.

It's unlikely, but (as shown by the
TCP options bug) still possible.

What does a snort denial of service bug have to do with this discussion?
Another one of your shotgun attacks? You are PATHETIC.


http://securitytracker.com/alerts/2004/Dec/1012656.html



Regards,
E.S.

--
Still waiting for a rational answer from Bittwister to this:
<nfqlo3-qds.ln1@xxxxxxxxxxxxxxxxxxxx>.